You can configure named ACLs that filter Internet Packet Exchange (IPX), DECnet, AppleTalk, Virtual Integrated Network Service Must not be a keyword keywords to avoid are Must start with an alpha character and must be unique across all ACLs of all types Maximum of 31 characters and may include a-z, A-Z, 0-9, the dash character (-), the underscore character (_), and the period When you enter the ACL name, follow these naming conventions: Vlan] ] options, these options are ignored. If an extended MAC Access Control List is created using the [ protocol [vlan
List processor mac command line series#
This command was implemented on the Cisco ME 2600X Series Ethernet Access Switches.įor the Cisco 7600 series platform when ES20 or ES40 line cards are used, only the part of the command syntax applies. This command was implemented on Cisco ASR 901Series Aggregation Service Routers. This command was integrated into Cisco IOS XE Release 3.5S. The following Ethertype protocol values were added to the valid protocol list: This command was integrated into Cisco IOS Release 12.2(33)SRA. Support for this command on the Supervisor Engine 2 was extended to Release 12.2(17d)SXB. Ip keyword to the list of valid protocol names.
Support for this command was introduced on the Supervisor Engine 720. Name of the ACL to which the entry belongs. No mac access-list extended name Syntax Description Mac access-list extended command in global configuration mode. To create an extended MAC access control list (ACL) and define its access control entries (ACEs), use the Router(config-if)# mac access-group 101 in Related CommandsĬonfigures an IP access list to be used for packets transmitted from the asynchronous host.ĭisplays the ACL configuration on a Layer 2 interface.ĭisplays the contents of one or all MAC ACLs. Router(config)# interface gigabitethernet 0 The following example applies MAC ACL 101 on incoming traffic received on Gigabit Ethernet interface 0: The mac access-group command is supported on a VLAN subinterface only if a VLAN is already configured on the subinterface. On Catalyst 6500 series switches, this command is supported on Layer 2 ports only. If the specified MAC ACL does not exist on the interface or subinterface, all packets are passed.
List processor mac command line software#
If the access list denies the address, the software discards the packet and returns an Internet Control Message Protocol (ICMP)
If the MAC access list permits the address, the software continues to process the packet. Receives a packet, the Cisco IOS software checks the source MAC address of the Gigabit Ethernet, 802.1Q VLAN, or 802.1Q-in-Q
MAC ACLs are applied on incoming traffic on Gigabit Ethernet interfaces and VLAN subinterfaces. This command was integrated into Cisco IOS Release 12.2(33)SXH. This command was introduced on the Cisco 12000 series Internet router. Subinterface configuration (config-subif) No access list is applied to the interface or subinterface. This is a decimal number from 700 to 799. Number of a MAC ACL to apply to an interface or subinterface (as specified by a access-list (MAC) command). No mac access-group access-list-number in Syntax Description To remove a MAC ACL, use the no form of this command. VLAN subinterface, an 802.1Q-in-Q stacked VLAN subinterface, use the mac access-group command in interface or subinterface configuration mode. To use a MAC access control list (ACL) to control the reception of incoming traffic on a Gigabit Ethernet interface, an 802.1Q
0 kommentar(er)
